[79012] branches/gsoc11-post-destroot/base/src
fotanus at macports.org
fotanus at macports.org
Sun May 29 22:00:23 PDT 2011
Revision: 79012
http://trac.macports.org/changeset/79012
Author: fotanus at macports.org
Date: 2011-05-29 22:00:22 -0700 (Sun, 29 May 2011)
Log Message:
-----------
Migrated mtree check for postdestroot phase.
Fixed a syntax bug on portimage.
Modified Paths:
--------------
branches/gsoc11-post-destroot/base/src/port1.0/portdestroot.tcl
branches/gsoc11-post-destroot/base/src/port1.0/portpostdestroot.tcl
branches/gsoc11-post-destroot/base/src/registry2.0/portimage.tcl
Modified: branches/gsoc11-post-destroot/base/src/port1.0/portdestroot.tcl
===================================================================
--- branches/gsoc11-post-destroot/base/src/port1.0/portdestroot.tcl 2011-05-30 02:58:38 UTC (rev 79011)
+++ branches/gsoc11-post-destroot/base/src/port1.0/portdestroot.tcl 2011-05-30 05:00:22 UTC (rev 79012)
@@ -47,7 +47,6 @@
# define options
options destroot.target destroot.destdir destroot.clean destroot.keepdirs destroot.umask
-options destroot.violate_mtree destroot.asroot
options startupitem.create startupitem.requires startupitem.init
options startupitem.name startupitem.start startupitem.stop startupitem.restart
options startupitem.type startupitem.executable
@@ -67,7 +66,6 @@
default destroot.umask {$system_options(destroot_umask)}
default destroot.clean no
default destroot.keepdirs ""
-default destroot.violate_mtree no
default startupitem.name {${subport}}
default startupitem.uniquename {org.macports.${startupitem.name}}
@@ -105,17 +103,6 @@
ui_notice "$UI_PREFIX [format [msgcat::mc "Staging %s into destroot"] ${subport}]"
- # start gsoc08-privileges
- if { [getuid] == 0 && [geteuid] != 0 } {
- # if started with sudo but have dropped the privileges
- ui_debug "Can't run destroot under sudo without elevated privileges (due to mtree)."
- ui_debug "Run destroot without sudo to avoid root privileges."
- ui_debug "Going to escalate privileges back to root."
- setegid $egid
- seteuid $euid
- ui_debug "euid changed to: [geteuid]. egid changed to: [getegid]."
- }
-
if { [tbool destroot.asroot] && [getuid] != 0 } {
return -code error "You cannot run this port without root privileges. You need to re-run with 'sudo port'.";
}
@@ -123,20 +110,10 @@
# end gsoc08-privileges
set oldmask [umask ${destroot.umask}]
- set mtree [findBinary mtree ${portutil::autoconf::mtree_path}]
if { ${destroot.clean} == "yes" } {
delete "${destroot}"
}
-
- file mkdir "${destroot}"
- if { ${os.platform} == "darwin" } {
- system "cd \"${destroot}\" && ${mtree} -e -U -f [file join ${portsharepath} install macosx.mtree]"
- file mkdir "${destroot}${applications_dir}"
- file mkdir "${destroot}${frameworks_dir}"
- }
- file mkdir "${destroot}${prefix}"
- system "cd \"${destroot}${prefix}\" && ${mtree} -e -U -f [file join ${portsharepath} install prefix.mtree]"
}
proc portdestroot::destroot_main {args} {
@@ -145,7 +122,7 @@
}
proc portdestroot::destroot_finish {args} {
- global UI_PREFIX destroot prefix subport startupitem.create destroot.violate_mtree
+ global UI_PREFIX destroot prefix subport startupitem.create
global applications_dir frameworks_dir destroot.keepdirs
global os.platform os.version
variable oldmask
@@ -277,79 +254,6 @@
}
}
- # test for violations of mtree
- if { ${destroot.violate_mtree} != "yes" } {
- ui_debug "checking for mtree violations"
- set mtree_violation "no"
-
- set prefixPaths [list bin etc include lib libexec sbin share src var www Applications Developer Library]
-
- set pathsToCheck [list /]
- while {[llength $pathsToCheck] > 0} {
- set pathToCheck [lshift pathsToCheck]
- foreach file [glob -nocomplain -directory $destroot$pathToCheck .* *] {
- if {[file tail $file] eq "." || [file tail $file] eq ".."} {
- continue
- }
- if {[string equal -length [string length $destroot] $destroot $file]} {
- # just double-checking that $destroot is a prefix, as is appropriate
- set dfile [file join / [string range $file [string length $destroot] end]]
- } else {
- throw MACPORTS "Unexpected filepath `${file}' while checking for mtree violations"
- }
- if {$dfile eq $prefix} {
- # we've found our prefix
- foreach pfile [glob -nocomplain -tails -directory $file .* *] {
- if {$pfile eq "." || $pfile eq ".."} {
- continue
- }
- if {[lsearch -exact $prefixPaths $pfile] == -1} {
- ui_warn "violation by [file join $dfile $pfile]"
- set mtree_violation "yes"
- }
- }
- } elseif {[string equal -length [expr [string length $dfile] + 1] $dfile/ $prefix]} {
- # we've found a subpath of our prefix
- lpush pathsToCheck $dfile
- } else {
- set dir_allowed no
- # these files are (at least potentially) outside of the prefix
- foreach dir "$applications_dir $frameworks_dir /Library/LaunchAgents /Library/LaunchDaemons /Library/StartupItems" {
- if {[string equal -length [expr [string length $dfile] + 1] $dfile/ $dir]} {
- # it's a prefix of one of the allowed paths
- set dir_allowed yes
- break
- }
- }
- if {$dir_allowed} {
- lpush pathsToCheck $dfile
- } else {
- # not a prefix of an allowed path, so it's either the path itself or a violation
- switch -- $dfile \
- $applications_dir - \
- $frameworks_dir - \
- /Library/LaunchAgents - \
- /Library/LaunchDaemons - \
- /Library/StartupItems { ui_debug "port installs files in $dfile" } \
- default {
- ui_warn "violation by $dfile"
- set mtree_violation "yes"
- }
- }
- }
- }
- }
-
- # abort here only so all violations can be observed
- if { ${mtree_violation} != "no" } {
- ui_warn "[format [msgcat::mc "%s violates the layout of the ports-filesystems!"] [option subport]]"
- ui_warn "Please fix or indicate this misbehavior (if it is intended), it will be an error in future releases!"
- # error "mtree violation!"
- }
- } else {
- ui_warn "[format [msgcat::mc "%s installs files outside the common directory structure."] [option subport]]"
- }
-
# Restore umask
umask $oldmask
Modified: branches/gsoc11-post-destroot/base/src/port1.0/portpostdestroot.tcl
===================================================================
--- branches/gsoc11-post-destroot/base/src/port1.0/portpostdestroot.tcl 2011-05-30 02:58:38 UTC (rev 79011)
+++ branches/gsoc11-post-destroot/base/src/port1.0/portpostdestroot.tcl 2011-05-30 05:00:22 UTC (rev 79012)
@@ -7,13 +7,34 @@
set org.macports.postdestroot [target_new org.macports.postdestroot portpostdestroot::postdestroot_main]
target_provides ${org.macports.postdestroot} postdestroot
target_requires ${org.macports.postdestroot} main destroot
+target_prerun ${org.macports.postdestroot} portpostdestroot::postdestroot_start
namespace eval portpostdestroot {
}
+#options
+options destroot.violate_mtree destroot.asroot
+
+#defaults
+default destroot.violate_mtree no
+
set_ui_prefix
-# list all links on a directory recursively
+
+# Starting procedure from postdestroot phase. Check for permissions.
+proc portpostdestroot::postdestroot_start {args} {
+ if { [getuid] == 0 && [geteuid] != 0 } {
+ # if started with sudo but have dropped the privileges
+ ui_debug "Can't run destroot under sudo without elevated privileges (due to mtree)."
+ ui_debug "Run destroot without sudo to avoid root privileges."
+ ui_debug "Going to escalate privileges back to root."
+ setegid $egid
+ seteuid $euid
+ ui_debug "euid changed to: [geteuid]. egid changed to: [getegid]."
+ }
+}
+
+# List all links on a directory recursively. This function is for internal use.
proc portpostdestroot::links_list {dir} {
set ret {}
foreach item [glob -nocomplain -type {d l} -directory $dir *] {
@@ -27,6 +48,7 @@
return $ret
}
+# Check for erros on port symlinks
proc portpostdestroot::postdestroot_symlink_check {} {
global UI_PREFIX destroot prefix
ui_notice "$UI_PREFIX Checking for links"
@@ -54,10 +76,95 @@
}
}
+# Check for erros that violates the macports directory tree.
+proc portpostdestroot::postdestroot_mtree_check {} {
+
+ global destroot prefix portsharepath destroot.violate_mtree
+ global os.platform applications_dir frameworks_dir
+ global UI_PREFIX
+
+ set mtree [findBinary mtree ${portutil::autoconf::mtree_path}]
+
+ # test for violations of mtree
+ if { ${destroot.violate_mtree} != "yes" } {
+ ui_notice "$UI_PREFIX Executing mtree check"
+ ui_debug "checking for mtree violations"
+ set mtree_violation "no"
+
+ set prefixPaths [list bin etc include lib libexec sbin share src var www Applications Developer Library]
+
+ set pathsToCheck [list /]
+ while {[llength $pathsToCheck] > 0} {
+ set pathToCheck [lshift pathsToCheck]
+ foreach file [glob -nocomplain -directory $destroot$pathToCheck .* *] {
+ if {[file tail $file] eq "." || [file tail $file] eq ".."} {
+ continue
+ }
+ if {[string equal -length [string length $destroot] $destroot $file]} {
+ # just double-checking that $destroot is a prefix, as is appropriate
+ set dfile [file join / [string range $file [string length $destroot] end]]
+ } else {
+ throw MACPORTS "Unexpected filepath `${file}' while checking for mtree violations"
+ }
+ if {$dfile eq $prefix} {
+ # we've found our prefix
+ foreach pfile [glob -nocomplain -tails -directory $file .* *] {
+ if {$pfile eq "." || $pfile eq ".."} {
+ continue
+ }
+ if {[lsearch -exact $prefixPaths $pfile] == -1} {
+ ui_warn "violation by [file join $dfile $pfile]"
+ set mtree_violation "yes"
+ }
+ }
+ } elseif {[string equal -length [expr [string length $dfile] + 1] $dfile/ $prefix]} {
+ # we've found a subpath of our prefix
+ lpush pathsToCheck $dfile
+ } else {
+ set dir_allowed no
+ # these files are (at least potentially) outside of the prefix
+ foreach dir "$applications_dir $frameworks_dir /Library/LaunchAgents /Library/LaunchDaemons /Library/StartupItems" {
+ if {[string equal -length [expr [string length $dfile] + 1] $dfile/ $dir]} {
+ # it's a prefix of one of the allowed paths
+ set dir_allowed yes
+ break
+ }
+ }
+ if {$dir_allowed} {
+ lpush pathsToCheck $dfile
+ } else {
+ # not a prefix of an allowed path, so it's either the path itself or a violation
+ switch -- $dfile \
+ $applications_dir - \
+ $frameworks_dir - \
+ /Library/LaunchAgents - \
+ /Library/LaunchDaemons - \
+ /Library/StartupItems { ui_debug "port installs files in $dfile" } \
+ default {
+ ui_warn "violation by $dfile"
+ set mtree_violation "yes"
+ }
+ }
+ }
+ }
+ }
+
+ # abort here only so all violations can be observed
+ if { ${mtree_violation} != "no" } {
+ ui_warn "[format [msgcat::mc "%s violates the layout of the ports-filesystems!"] [option subport]]"
+ ui_warn "Please fix or indicate this misbehavior (if it is intended), it will be an error in future releases!"
+ # error "mtree violation!"
+ }
+ } else {
+ ui_warn "[format [msgcat::mc "%s installs files outside the common directory structure."] [option subport]]"
+ }
+}
+
proc portpostdestroot::postdestroot_main {args} {
global UI_PREFIX
ui_notice "$UI_PREFIX Executing post-destroot phase"
+
postdestroot_symlink_check
+ postdestroot_mtree_check
return 0
}
-
Modified: branches/gsoc11-post-destroot/base/src/registry2.0/portimage.tcl
===================================================================
--- branches/gsoc11-post-destroot/base/src/registry2.0/portimage.tcl 2011-05-30 02:58:38 UTC (rev 79011)
+++ branches/gsoc11-post-destroot/base/src/registry2.0/portimage.tcl 2011-05-30 05:00:22 UTC (rev 79012)
@@ -381,7 +381,7 @@
eval file attributes {$dstfile} [file attributes $srcfile]
} else {
# not root, so can't set owner/group
- eval file attributes {$dstfile} -permissions [file attributes -permissions $srcfile]
+ eval file attributes {$dstfile} -permissions [file attributes $srcfile -permissions ]
}
# set mtime on installed element
file mtime $dstfile [file mtime $srcfile]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20110529/3123f0cd/attachment-0001.html>
More information about the macports-changes
mailing list